digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-22 03:38:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

wip

Browse Source
This commit is contained in:
thomashaw
2020-12-08 17:48:28 +00:00
parent 9c2dfa7722
commit 02e69fc3bc
1 changed files with 17 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
scenarios/examples/elkstack_7.xml
View File

@@ -69,27 +69,25 @@
</input>
</service>
<!-- <utility module_path=".*/filebeat.*">-->
<!-- <input into="logstash_ip">-->
<!-- <datastore access="0">IP_address</datastore>-->
<!-- </input>-->
<!-- <input into="logstash_port">-->
<!-- <datastore access="0">logstash_port</datastore>-->
<!-- </input>-->
<!-- </utility>-->
<utility module_path=".*/filebeat.*">
<input into="logstash_ip">
<datastore access="0">IP_addresses</datastore>
</input>
<input into="logstash_port">
<datastore access="0">logstash_port</datastore>
</input>
</utility>
<!-- <utility module_path=".*/auditbeat.*">-->
<!-- <input into="logstash_ip">-->
<!-- <datastore access="0">IP_address</datastore>-->
<!-- </input>-->
<!-- <input into="logstash_port">-->
<!-- <datastore access="0">logstash_port</datastore>-->
<!-- </input>-->
<!-- </utility>-->
<utility module_path=".*/auditbeat.*">
<input into="logstash_ip">
<datastore access="0">IP_addresses</datastore>
</input>
<input into="logstash_port">
<datastore access="0">logstash_port</datastore>
</input>
</utility>
<!-- <utility module_path=".*/elastalert.*">-->
<!-- </utility>-->
<!-- TODO: Update this to use latest elastalert version <utility module_path=".*/elastalert.*"/>-->
<network type="private_network" >
<input into="IP_address">